Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/rOcE1MMems6guxGTvItmNxn2jBI.roa
File: rOcE1MMems6guxGTvItmNxn2jBI.roa (raw, json)
Hash identifier: +zOK5BQq6o8lZ9uB0N7puuWczr8vQsNkn1RrKZgxwnI=
Subject key identifier: AC:E7:04:D4:C3:1E:9A:CE:A0:BB:11:93:BC:8B:66:37:19:F6:8C:12
Certificate issuer: /CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Certificate serial: 04087618
Authority key identifier: 00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/rOcE1MMems6guxGTvItmNxn2jBI.roa
Signing time: Sat 01 Jan 2022 15:03:31 +0000
ROA not before: Sat 01 Jan 2022 15:03:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5630
IP address blocks: 89.106.184.0/21 maxlen: 24
2a01:20:4::/48 maxlen: 48
2a01:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67663384 (0x4087618)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Validity
Not Before: Jan 1 15:03:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ace704d4c31e9acea0bb1193bc8b663719f68c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f5:b3:d6:09:e1:7f:96:06:4a:02:32:0d:92:
09:4d:ea:8e:bd:6c:b7:c8:fb:ae:6a:69:52:39:dd:
94:57:d7:9f:7c:41:0b:5f:a6:09:96:29:37:5b:de:
9f:2b:91:90:c8:14:56:78:6b:40:b8:e7:fe:a1:9d:
b5:c0:e5:31:07:a2:ed:a7:25:ef:95:bd:6e:47:e3:
24:25:03:7e:75:d5:b5:52:e4:e0:3e:04:82:99:4e:
05:86:f2:74:2c:24:6c:6b:e3:f3:6f:3a:46:23:f6:
d9:2e:b3:08:c3:56:f9:b6:f1:92:38:ea:71:ea:5b:
9e:d1:2e:55:97:17:8b:28:e5:7b:27:e4:be:d5:65:
2d:21:3d:26:c5:69:f8:04:d2:ab:fa:0e:c5:07:9e:
77:83:e6:15:42:5f:39:f2:bb:00:72:df:79:3f:9a:
9a:07:26:15:98:8a:45:66:b9:05:18:a0:cc:30:b5:
e3:f3:1b:09:c2:3f:86:b7:8d:3d:ef:43:74:80:e5:
48:c0:fa:6d:88:fd:77:6c:da:9f:84:c3:35:2b:8c:
1c:3a:10:a1:37:a3:22:5f:be:a4:e4:2e:79:a6:34:
45:a5:0d:87:43:ca:57:dc:8a:83:22:eb:01:f3:51:
39:7e:79:89:aa:10:32:a5:19:80:6d:8b:0c:66:1e:
6b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E7:04:D4:C3:1E:9A:CE:A0:BB:11:93:BC:8B:66:37:19:F6:8C:12
X509v3 Authority Key Identifier:
keyid:00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/rOcE1MMems6guxGTvItmNxn2jBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.184.0/21
IPv6:
2a01:20::/48
2a01:20:4::/48
Signature Algorithm: sha256WithRSAEncryption
4b:28:f1:d9:b3:48:5c:b4:58:f0:c5:8c:36:30:aa:f6:e9:4b:
3a:8b:0c:2f:e6:26:83:54:f3:8c:6f:e4:59:a6:47:7e:5f:17:
22:39:da:40:d4:f4:40:50:93:95:84:55:8a:9f:45:64:e3:67:
cd:45:6c:9e:e0:72:4c:ff:30:01:c8:df:cb:ef:3a:95:2d:8f:
ee:58:fb:ab:c3:da:ee:36:fc:31:f8:b0:b2:65:8f:70:a5:bd:
10:62:49:be:3d:9f:f7:22:c9:93:89:90:e5:d8:a0:3f:b3:d4:
89:a2:df:f8:d0:c6:dc:28:60:36:66:c7:78:ad:48:15:cd:2e:
fb:da:bf:65:af:c8:0f:20:dc:76:e1:6b:f8:8f:97:0d:c4:63:
5a:56:7b:31:04:81:43:c6:1f:d1:17:ce:7e:94:70:79:fa:19:
d4:74:34:3e:54:86:77:da:4f:ee:e9:23:a3:a9:a4:c1:9b:35:
3c:12:2b:f4:20:17:26:3c:e7:f3:ac:d6:c0:d9:33:97:1b:7d:
12:15:ea:a8:78:42:1a:bd:8e:37:c4:49:bf:27:41:aa:0d:21:
b1:0a:e0:ef:a6:12:7b:f3:01:31:c0:53:90:09:00:4b:12:b1:
f3:37:26:a3:a3:62:e8:bb:72:f9:01:32:4a:f7:36:d4:88:4d:
3c:61:aa:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBAh2GDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDdlNmI1YWE0MzdkMzY5MzE1MTUwMmEyMTE0OTZlMzdkNGFlMmM1MB4XDTIyMDEw
MTE1MDMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNlNzA0ZDRjMzFl
OWFjZWEwYmIxMTkzYmM4YjY2MzcxOWY2OGMxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI31s9YJ4X+WBkoCMg2SCU3qjr1st8j7rmppUjndlFfXn3xB
C1+mCZYpN1venyuRkMgUVnhrQLjn/qGdtcDlMQei7acl75W9bkfjJCUDfnXVtVLk
4D4EgplOBYbydCwkbGvj8286RiP22S6zCMNW+bbxkjjqcepbntEuVZcXiyjleyfk
vtVlLSE9JsVp+ATSq/oOxQeed4PmFUJfOfK7AHLfeT+amgcmFZiKRWa5BRigzDC1
4/MbCcI/hreNPe9DdIDlSMD6bYj9d2zan4TDNSuMHDoQoTejIl++pOQueaY0RaUN
h0PKV9yKgyLrAfNROX55iaoQMqUZgG2LDGYea5sCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSs5wTUwx6azqC7EZO8i2Y3GfaMEjAfBgNVHSMEGDAWgBQAfmtapDfTaTFR
UCohFJbjfUrixTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FINXJXcVEzMDJreFVWQXFJUlNXNDMxSzRzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvNTE4ZmFiLTc2MDYtNDgzMi1hYTY2LTVhOGM2Nzg0MjM4OS8x
L3JPY0UxTU1lbXM2Z3V4R1R2SXRtTnhuMmpCSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
NTE4ZmFiLTc2MDYtNDgzMi1hYTY2LTVhOGM2Nzg0MjM4OS8xL0FINXJXcVEzMDJr
eFVWQXFJUlNXNDMxSzRzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEA1lquDAYBAIAAjASAwcAKgEAIAAA
AwcAKgEAIAAEMA0GCSqGSIb3DQEBCwUAA4IBAQBLKPHZs0hctFjwxYw2MKr26Us6
iwwv5iaDVPOMb+RZpkd+XxciOdpA1PRAUJOVhFWKn0Vk42fNRWye4HJM/zAByN/L
7zqVLY/uWPurw9ruNvwx+LCyZY9wpb0QYkm+PZ/3IsmTiZDl2KA/s9SJot/40Mbc
KGA2Zsd4rUgVzS772r9lr8gPINx24Wv4j5cNxGNaVnsxBIFDxh/RF85+lHB5+hnU
dDQ+VIZ32k/u6SOjqaTBmzU8Eiv0IBcmPOfzrNbA2TOXG30SFeqoeEIavY43xEm/
J0GqDSGxCuDvphJ78wExwFOQCQBLErHzNyajo2Lou3L5ATJK9zbUiE08YarV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:02 2023 by rpki-client on console-ams.rpki-client.org